Beruflich Dokumente
Kultur Dokumente
2011 Certification
Test Script and Step Number
Year
introduced
Criteria # Category Criteria Comments Criteria Reference AMB = Ambulatory Test
or last
Script
modified
SEC = Security Test Script
AM 01.01 Identify and The system shall create a single patient DC.1.1.1 AMB 1.02
maintain a record for each patient. 2006 P
patient record
AM 01.02 Identify and The system shall associate (store and Key identifier information must be unique to DC.1.1.1 AMB 1.02
maintain a link) key identifier information (e.g., the patient record but may take any system
2006 P defined internal or external form.
patient record system ID, medical record number) with
each patient record.
AM 01.03 Identify and The system shall provide the ability to For interoperability, practices need to be able DC.1.1.1 AMB 1.03
maintain a store more than one identifier for each to store additional patient identifiers.
Examples include an ID generated by an
patient record patient record. Enterprise Master Patient Index, a health plan
2006 P
or insurance subscriber ID, regional and/or
national patient identifiers if/when such
become available.
AM 01.04 Identify and The system shall provide a field which will Examples may include patients who are DC.1.1.1 AMB 4.73, 4.74
deceased, transferred, moved, seen as
maintain a identify patients as being exempt from
consults only. Being exempt from reporting is
patient record reporting functions. 2006 P not the same as de-identifying a patient who
will be included in reports. De-identifying
patients for reporting is addressed in the
"Health record output" functionality.
AM 01.05 Identify and The system shall provide the ability to If a duplicate chart is created, information DC.1.1.1 AMB 1.04
maintain a merge patient information from two patient could be merged into one chart.
patient record records into a single patient record. 2009 N Does not imply an unmerge capability. The
intent is to merge information for a single
patient; this would include discrete data
elements from both patient records.
AM 02.01 Manage patient The system shall provide the ability to This includes using demographics to DC.1.1.2 AMB 1.38
demographics include demographic information in generate reports and also allows
2006 P demographics to be gathered into a report.
reports. See also "Report generation" functionality.
AM 02.02 Manage patient The system shall provide the ability to Providers need this for look up and contact DC.1.1.2 AMB 1.07
demographics maintain and make available historic purposes, e.g., when attempting to locate a
patient or family member for clinical
information for demographic data communications.
2007 P
including prior names, addresses, phone
numbers and email addresses.
AM 02.04 Manage patient The system shall provide the ability to DC.1.1.2 AMB 1.06
demographics modify demographic information about the
2006 P
patient.
AM 02.05 Manage patient The system shall store demographic DC.1.1.2 AMB 1.06
demographics information in the patient medical record in
separate discrete data fields, such that
2006 P
data extraction tools can retrieve these
data.
FN 01.01 Manage The system shall provide the ability to Examples of a minimum set of demographic Source is WG discussion and AMB 1.03
Patient access demographic information such as data elements include: name, address, cross-group harmonization.
phone number and date of birth. It is
Demographics name, date of birth and gender needed for assumed that all demographic fields
patient care functions. 2008 P necessary to meet legislative, regulatory,
research and public health requirements will
be included.
This criterion will be replaced by FN 01.01.01
in 10.
FN 01.02 Manage The system shall capture and maintain Examples of a minimum set of demographic AMB 1.02, 1.06
Patient demographic information as discrete data data elements include: name, address,
phone number and date of birth. It is
Demographics elements as part of the patient record. assumed that all demographic fields
2008 P necessary to meet legislative, regulatory,
research and public health requirements will
be included.
This criterion will be replaced by FN 01.01.01.
FN 02.01 Manage The system shall provide the ability to For example, patient last name, medical Source is WG discussion and AMB 1.03
Patient query for a patient by more than one form 2007 P record number, account number or phone cross-group harmonization.
number.
Demographics of identification.
FN 03.01 Manage The system shall provide the ability to A provider is defined as anyone delivering S.3.4 AMB ADM.07
Practitioner/Pat capture and maintain, as discrete data clinical care such as physicians, PAs, CNPs
and Nurses; the provider is the person who
ient elements, the identity of all providers 2008 P completes the note.
Relationships associated with a specific patient
encounter.
FN 03.02 Manage The system shall provide the ability to S.3.4 AMB 4.05
Practitioner/Pat capture and maintain, as discrete data
ient elements, the principal provider 2008 P
Relationships responsible for the care of an individual
patient.
FN 04.02 Manage The system shall provide the ability to Would include current/active and Source is WG discussion and AMB 2.07, 4.11
problem list capture, maintain and display, as discrete past/resolved problems. cross-group harmonization.
AM 03.03 Manage The system shall provide the ability to It is a vendor design decision whether to DC.1.4.3 AMB 2.07
problem list maintain the onset date of the 2006 P require complete date or free text of
approximate date.
problem/diagnosis.
AM 03.04 Manage The system shall provide the ability to Source is public comments and AMB 4.11
WG discussion.
problem list maintain the resolution date of the 2009 N
problem/diagnosis.
AM 03.05 Manage The system shall provide the ability to DC.1.4.3 Does not appear in test script;
problem list record the chronicity (chronic, acute/self- 2006 P see Certification Handbook
AM Manage The system shall provide the ability to Source is public comments and AMB 4.35
WG discussion.
03.08.01 problem list associate orders and medications with
2009 N
one or more codified problems/diagnoses.
AM 03.09 Manage The system shall provide the ability to For example: ICD-9 CM, ICD-10 CM, DC.1.4.3 AMB 2.06, 4.11, 4.32
problem list maintain a coded list of SNOMED-CT, DSM-IV. The Work Group will
2007 P not specify which code set(s) are to be
problems/diagnoses. employed.
FN 04.06 Manage The system shall provide the ability to For example, active, all, or resolved or Source is WG discussion and AMB 4.14
problem list display different views of the problem / charted in error. cross-group harmonization.
2009 N
diagnosis list based upon the status of the
problem.
FN 04.01 Manage The system shall provide the ability to Source is WG discussion and AMB 4.52
problem list capture, maintain and display free text cross-group harmonization.
2009 N
comments associated with the problem /
diagnosis.
AM 04.02 Manage The system shall provide the ability to DC.1.4.2 AMB 1.64
medication list record the prescribing of medications 2006 P
including the identity of the prescriber.
AM 04.03 Manage The system shall provide the ability to DC.1.4.2 AMB 1.43
2006 P
medication list maintain medication ordering dates.
AM 04.04 Manage The system shall provide the ability to DC.1.4.2 AMB 1.43, 1.49, 4.19, 4.20
medication list maintain other dates associated with
2006 P
medications including start, modify,
renewal and end dates as applicable.
AM 04.05 Manage The system shall provide the ability to For clarification, medication history includes DC.1.4.2 AMB 4.36
medication list display medication history for the patient. all medications prescribed since the EMR was
2006 P
established.
AM 04.06 Manage The system shall provide the ability to It is important to have all current medications DC.1.4.2 AMB 4.31, 4.36
medication list capture medications entered by authorized in the system for drug interaction checking.
This in the future would include the
users other than the prescriber. incorporation of medication history obtained
2006 P from outside electronic interfaces from
insurers, PBMs, etc. "User" means medical
and non-medical staff who are authorized by
policy to enter prescriptions or other
documentation.
AM 04.07 Manage The system shall store medication DC.1.4.2 AMB 1.64
medication list information in discrete data fields. At a
minimum, there must be one field for each
of the following:
2009 N
- medication name, form and strength;
- dispense quantity;
- refills; and
- sig.
AM 04.09 Manage The system shall provide the ability to Medications that are not on the vendor- Source is public comments and AMB 4.24
medication list enter uncoded or free text medications provided medication database or not enough WG discussion.
information is available to completely identify
when medications are not on the vendor- the medication. This could be either uncoded
2007 P
provided medication database or (Synthroid unknown dose) or free text (blue
information is insufficient to completely hypertension pill).
identify the medication.
AM 04.10 Manage The system shall provide the ability to Source is public comments and AMB 4.87
medication list enter or further specify in a discrete field 2007 P WG discussion.
medications.
FN 06.03 Manage The system shall provide the ability to Source is WG discussion and AMB 4.25, 4.36
medication list exclude a medication from the current cross-group harmonization.
medications.
FN 06.06 Manage The system shall provide the ability to DC.1.4.2 AMB 4.19, 4.20, 4.27, 4.31,
medication list capture and maintain, as discrete data 4.36
AM 05.03 Manage allergy The system shall provide the ability to DC.1.4.1 AMB 1.26
and adverse display information which has been
2009 N
reaction list inactivated or removed from the allergy
and adverse reaction list.
FN 05.04 Manage allergy The system shall provide the ability to Source is WG discussion and AMB 1.16
and adverse specify the type of allergic or adverse cross-group harmonization.
2009 N
reaction list reaction in a discrete data field.
FN 05.05 Manage allergy The system shall provide the ability to Attributes include the name of the allergen Source is WG discussion and AMB 1.17
and adverse capture and maintain, as discrete data, the and the action (added, modified, inactivated cross-group harmonization.
or removed).
reaction list identity of the user who added, modified,
inactivated or removed items from the
2008 P
allergy and adverse reaction list, including
attributes of the changed items. The user
ID and date/time stamp shall be recorded.
FN 05.07 Manage allergy The system shall provide the ability for a Source is WG discussion and AMB 1.27, 1.28
and adverse user to explicitly capture and maintain, as cross-group harmonization.
FN 05.13 Manage allergy The system shall provide the ability to Source is WG discussion and AMB 1.13, 1.15
cross-group harmonization.
and adverse capture, maintain and display, as discrete
reaction list data, lists of medications and other agents 2006 P
to which the patient has had an allergic or
other adverse reaction.
AM 06.01 Manage patient The system shall provide the ability to Examples include past medical/surgical DC.1.2 AMB 2.04
history capture, store, display, and manage 2006 P problems, diagnoses, procedures, family
history and social history.
patient history.
AM 06.02 Manage patient The system shall provide the ability to This function demonstrates the ability of a DC.1.2 AMB 1.11, 2.05
history capture structured data in the patient system to capture structured data but does
not define the required elements of the
history. patient history that shall be structured.
Discrete data elements allow for searching
and/or reporting by the EHR, and for this
2007 P criterion the data could be free text or
codified. Future functions would define the
required patient history elements that shall be
captured discretely as structured data, and
where appropriate codified terminologies will
be used.
AM 06.03 Manage patient The system shall provide the ability to Requirement not predicated on the capture of DC.1.2 AMB 2.04
history update a patient history by modifying, structured data.
2008 P
adding or removing items from the patient
history as appropriate.
AM 06.04 Manage patient The system shall provide the ability to Requirement not predicated on the capture of DC.1.2 AMB 1.11
history capture patient history as both a presence structured data.
AM 06.05 Manage patient The system shall provide the ability to This could include data from a personal DC.1.2 AMB 2.03
history capture history collected from outside health record, online patient histories, and
information from pharmacy benefit
sources. 2008 P management organizations.
Please see interoperability criteria (IO-AM
11.xx) for specific requirements for electronic
importation.
AM 06.06 Manage patient The system shall provide the ability to Not all data elements may currently be DC.1.2 AMB 2.05
history capture patient history in a standard coded represented in existing standard coding
schemes.
form. 2008 P
An example would be diagnostic and
procedural history using ICD-9, CPT, or
SNOMED codes.
AM 07.01 Summarize The system shall provide the ability to Health record summary is at the patient level DC.1.1.4 Does not appear in test script;
health record create and display a summary list for each as opposed to at the level of an individual see Certification Handbook
visit or episode of care.
patient that includes, at a minimum, the
2006 P
active problem/diagnosis list, current
medication list, medication allergies and
adverse reactions
AM 08.01 Manage clinical The system shall provide the ability to DC.1.9.1 AMB 4.19, 4.62
documents and create clinical documentation or notes
2006 P
notes (henceforth "documentation").
AM 08.02 Manage clinical The system shall provide the ability to DC.1.9.1 AMB 4.19, 4.62
documents and display documentation.
2006 P
notes
AM 08.03 Manage clinical The system shall provide the ability to This item is likely to be removed in favor of DC.1.9.1 AMB 4.33
documents and save a note in progress prior to finalizing PC 04.08.
2006 P
notes the note.
AM 08.04 Manage clinical The system shall provide the ability to Medico-Legal. User rights are determined by DC.1.9.1 AMB 1.56, 4.38
documents and finalize a note, i.e., change the status of role-based access defined in security. Only
authorized users can complete, change or
notes the note from in progress to complete so finalize a clinical note. The words, "sign,"
that any subsequent changes are "signature," "cosign," and "cosignature" are
recorded as such. intended here to convey actions, rather than
referring to digital signature standards. It is
recognized that an electronic signature is
2006 P useful here. However, a widely accepted
standard for electronic signatures does not
exist. Thus, the criteria calls for documenting
the actions of authenticated users at a
minimum. In the future, when appropriate
digital signature standards are available,
certification criteria may be introduced using
such standards.
AM 08.05 Manage clinical The system shall provide the ability to Medico-Legal. User rights are determined by DC.1.9.1 AMB 1.52, 1.56
documents and record the identity of the user finalizing role-based access defined in security. Only
authorized users can complete, change or
notes each note and the date and time of finalize a clinical note. The words, "sign,"
finalization. "signature," "cosign," and "cosignature" are
intended here to convey actions, rather than
referring to digital signature standards. It is
recognized that an electronic signature is
2006 P useful here. However, a widely accepted
standard for electronic signatures does not
exist. Thus, the criteria calls for documenting
the actions of authenticated users at a
minimum. In the future, when appropriate
digital signature standards are available,
certification criteria may be introduced using
such standards.
AM 08.06 Manage clinical The system shall provide the ability to The words, "sign," "signature," "cosign," and Source is public comments and AMB 1.56
documents and cosign a note and record the date and "cosignature" are intended here to convey WG discussion.
actions, rather than referring to digital
notes time of signature. signature standards. It is recognized that an
electronic signature is useful here. However,
a widely accepted standard for electronic
signatures does not exist. Thus, the criteria
calls for documenting the actions of
2007 P authenticated users at a minimum. In the
future, when appropriate digital signature
standards are available, certification criteria
may be introduced using such standards.
ASTM has developed "2003 Updated ASTM
Standard Guide for Electronic Authentication
of Health Care Information" to address some
of these issues.
AM 08.07 Manage clinical The system shall provide the ability to The words, "sign," "signature," "cosign," and DC.1.9.1 AMB 4.48
documents and addend and/or correct notes that have "cosignature" are intended here to convey
actions, rather than referring to digital
notes been finalized. signature standards. It is recognized that an
electronic signature is useful here. However,
a widely accepted standard for electronic
2006 P signatures does not exist. Thus, the criteria
calls for documenting the actions of
authenticated users at a minimum. In the
future, when appropriate digital signature
standards are available, certification criteria
may be introduced using such standards.
AM 08.08 Manage clinical The system shall provide the ability to This may be in the GUI or in the audit trail. It Source is public comments and AMB 4.49
documents and identify the full content of a modified note, is adequate to be able to access pre- and WG discussion.
post-modification versions of a note; i.e. it is
notes both the original content and the content not necessary for the system to have a single
resulting after any changes, corrections, 2009 N display that shows what modifications were
clarifications, addenda, etc. to a finalized made. The intent of this criterion is to specify
note. the information stored after finalization of a
note; other criteria specify requirements prior
to finalization.
AM 08.09 Manage clinical The system shall provide the ability to Necessary for medico-legal purposes. The DC.1.9.1 AMB 4.48
documents and record and display the identity of the user words, "sign," "signature," "cosign," and
"cosignature" are intended here to convey
notes who addended or corrected a note and the actions, rather than referring to digital
date and time of the change. signature standards. It is recognized that an
electronic signature is useful here. However,
2008 P a widely accepted standard for electronic
signatures does not exist. Thus, the criteria
calls for documenting the actions of
authenticated users at a minimum. In the
future, when appropriate digital signature
standards are available, certification criteria
may be introduced using such standards.
AM 08.10 Manage clinical The system shall provide the ability to DC.1.9.1 Does not appear in test script;
documents and enter free text notes. see Certification Handbook
2006 P
notes
AM 08.11 Manage clinical The system shall provide the ability to DC.1.9.1 AMB 4.68
documents and filter, search or order notes by the provider
2007 P
notes who finalized the note.
AM 08.12 Manage clinical The system shall provide the ability to This is intended to be the coded diagnosis DC.1.9.1 AMB 4.22
and not free text in the body of a note.
documents and filter, search or order notes by associated
2007 P
notes diagnosis within a patient record.
AM 08.13 Manage clinical The system shall provide the ability to It is understood that vendors should support DC.1.9.1 AMB 1.18
documents and capture patient vital signs, including blood conversion to numeric values that can be
graphed. Coding in ICD-9 CM, ICD-10 CM,
notes pressure, heart rate, respiratory rate, 2006 P SNOMED, UMLS, etc., would enhance
height, and weight, as discrete data. interoperability and for public health
surveillance or clinical research.
AM 08.14 Manage clinical The system shall provide the ability to The criterion requires that the system be able Source is public comments and AMB 1.18, 1.61
to display both; it does not require that both WG discussion.
documents and capture and display temperature, weight
2009 N are able to display on the same screen at the
notes and height in both metric and English units same time.
AM 08.15 Manage clinical The system shall be capable of indicating Normal range shall be set at system level as Source is public comments and AMB 1.18
documents and to the user when a vital sign measurement opposed to individual patient level. WG discussion.
notes falls outside a preset normal range as set At a minimum, this must be possible for the
2009 N
by authorized users. following vital signs: systolic and diastolic
blood pressures, heart rate, temperature and
respiratory rate.
AM 08.16 Manage clinical The system shall provide the ability to For example, quantitative tobacco DC.1.9.1 AMB 4.12, 4.13
documents and capture other clinical data elements as consumption, peak expiratory flow rate, size
2008 P of lesions, severity of pain, etc.
notes discrete data.
AM 08.19 Manage clinical The system shall provide templates for Templates may include any patient encounter DC.1.9.1 AMB 1.18
note documentation tool that provide a pre-
documents and inputting data in a structured format as
set collection of clinical findings or fields,
notes part of clinical documentation. including macros driven by speech
2008 P recognition technology, branching logic.
AM 08.20 Manage clinical The system shall provide the ability to Customization at the level of clinical content is DC.1.9.1 AMB ADM.06
documents and customize clinical templates. satisfactory.
2006 P
notes
AM 08.21 Manage clinical The system shall be capable of recording For the current year it is sufficient for these to Source is public comments and AMB 2.11
documents and comments by the patient or the patient's be recorded as either free-text notes or WG discussion.
scanned paper documents. It is not required
notes representative regarding the accuracy or 2008 P that the system facilitate direct entry into the
veracity of information in the patient system by the patient or patient's
record (henceforth 'patient annotations'). representative.
AM 08.22 Manage clinical The system shall display patient A patient annotation in free-text or scanned- Source is public comments and AMB 2.12
document form as described in AM 08.18, WG discussion.
documents and annotations in a manner which
when displayed, should indicate that it comes
notes distinguishes them from other content in from a patient. This could be a text label on
the system. 2008 P the screen or part of the free-text note itself.
It is not necessary to make patient
annotations visible from any and all sections
of the patient record.
AM 08.24 Manage clinical The system shall provide the ability to Source is public comments and AMB 1.21.AM, 1.21.CV
WG discussion.
documents and graph height and weight over time.
2006 P
notes
AM 08.25 Manage clinical The system shall provide the ability to Source is public comments and AMB 1.19
documents and calculate and display body mass index WG discussion.
2009 N
notes (BMI).
AM 09.01 Capture The system shall provide the ability to Scanned documents are sufficient; structured DC.1.1.3.1 AMB 4.43
external clinical capture and store external documents. data will be expected in the future. This
covers all types of documents received by the
documents practice that would typically be incorporated
2008 P into a medical record, including but not limited
to faxes, referral authorizations, consultant
reports, and patient correspondence of a
clinical nature.
AM 09.03 Capture The system shall provide the ability to DC.1.1.3.1 AMB 1.32
external clinical save scanned documents as images.
2006 P
documents
AM 09.04 Capture The system shall provide the ability to This could be either from an outside system DC.1.1.3.1 AMB 4.43
external clinical receive, store in the patient's record, and or from scanning with optical character
2008 P recognition.
documents display text-based outside reports.
AM Capture The system shall provide the ability to These dates may include the date the original Source is public comments and AMB 1.33
document was produced, received and/or WG discussion.
09.05.01 external clinical index scanned documents and associate
scanned.
documents a date and document type to the 2009 N
document. Indexing implies associating a scanned
document with an individual patient record.
AM Capture The system shall provide the ability to Document types might include lab notes, Source is public comments and AMB 1.34
progress notes, etc. WG discussion.
09.05.02 external clinical retrieve indexed scanned documents
2009 N
documents based on document type and date.
AM 09.06 Capture The system shall provide access to clinical These images may include but are not limited DC.1.1.3.1 AMB 4.45
external clinical images. They must be accessible from to radiographic, digital or graphical images.
Eventually the goal would be to allow linkage
documents within the patient's chart and labeled and to outside systems such as a hospital PAC
date-time stamped or included in a patient system.
encounter document. These images may
2008 P The date/time stamp may be the date/time of
be stored within the system or be provided
image creation or acquisition, the date/time of
through direct linkage to external sources.
image importation/incorporation into the
system, date/time of the clinical encounter
with which the image is associated, or
manually entered by the user.
AM 09.07 Capture The system shall provide the ability to This is limited to clinical data received through DC.1.1.3.1 AMB 2.52, 4.15, 4.16, 4.17
interfaces as defined in CCHIT interoperability
external clinical accept, store in the patient's record, and
criteria.
documents display clinical results received through an It is acceptable if certain data received
2008 P
interface with an external source. through an interface, if not relevant to the end
user, are not displayed in the application.
FN 14.01 Generate and The system shall provide the ability to An example would be a vaccine information Source is WG discussion and AMB 2.08
record patient- produce patient instructions and patient statement. cross-group harmonization.
AM 10.04 Generate and The system shall have the ability to It is not required that the modified document Source is public comments and AMB 2.15
record patient- provide access to patient-specific test and be stored in the patient record. WG discussion.
FN 17.01 Generate and The system shall provide the ability to Source is WG discussion and AMB 1.47
record patient- access and review medication information cross-group harmonization.
AM 11.03 Order The system shall provide the ability to DC.1.7.1 AMB 1.64
medication capture the identity of the prescribing 2008 P
provider for all medication orders.
AM 11.04 Order The system shall provide the ability to We encourage the development of standard DC.1.7.1 AMB 1.64, 4.62
medication capture common content for prescription national abbreviations and that only approved
abbreviations should be supported.
details including strength, sig, quantity, 2006 P
and refills to be selected by the ordering
clinician.
AM 11.05 Order The system shall provide the ability to Will be required by e-prescribing. This Source is public comments and SEC 6.22
medication receive and display information received criterion should maintain a record of whether WG discussion.
2008 P the patient was eligible for coverage in the
through electronic prescription eligibility system.
checking.
AM 11.07 Order The system shall provide the ability to DC.1.7.1 AMB 4.27
medication reorder a prior prescription without re-
2006 P
entering previous data (e.g. administration
schedule, quantity).
AM 11.08 Order The system shall provide the ability to print DC.1.7.1 AMB 1.45, 1.65
2008 P
medication and electronically fax prescriptions.
AM 11.09 Order The system shall provide the ability to re- This allows a prescription that did not come Source is public comments and AMB 1.46, 1.66
medication print and re-fax prescriptions. out of the printer, or a fax that did not go WG discussion.
2008 P
through, to be resent/reprinted without
entering another prescription.
AM 11.11 Order The system shall provide the ability to The intent is to allow input of dose-per-weight DC.1.7.1 AMB 1.63
medication display a dose calculator for patient- and patient weight and calculate the
corresponding dose. The dose-per-weight
specific dosing based on weight. might be directly inputted by a user at the
time the dose calculation is to occur, or might
have been inputted previously as the default
for a particular medication. The output may
2008 P be in terms that take into account a particular
strength and dosage form of a medication
(e.g. "5ml or "2 tablets") OR may be simply in
terms of the amount of the active drug
component (e.g. "250"). It is not required that
the dose calculator automatically populate
fields in the prescription itself.
AM 11.12 Order The system shall provide the ability to Lot numbers and expiration date could be DC.1.7.1 AMB 4.88
medication identify medication samples dispensed, 2007 P entered in free text or encoded.
AM 11.15 Order The system shall provide the ability to This refers to the "written" output and Source is public comments and AMB 1.48, 1.49
language on the printed prescription such as WG discussion.
medication allow the user to configure prescriptions to
practice address, practice telephone number,
incorporate fixed text according to the legally mandated text. For instance, users
2006 P
user's specifications. should be able to modify the format/content of
printed prescriptions to comply with state
Board of Pharmacy requirements.
FN 09.04 General The system shall provide the ability to Source is WG discussion and AMB 1.64, 4.35
Ordering capture and maintain, as discrete data, a cross-group harmonization.
AM 11.19 Order The system shall provide the ability to Source is public comments and AMB 4.23
medication create provider specific medication lists of WG discussion.
FN 07.01 Order The system shall provide the ability to alert Source is WG discussion and AMB 4.24
medication the user at the time a new medication is cross-group harmonization.
FN 07.02 Order The system shall provide the ability to Source is WG discussion and AMB 4.24
medication prescribe/order uncoded and non- 2007 P cross-group harmonization.
formulary medications.
FN 07.03 Order The system shall provide the ability to Source is WG discussion and AMB ADM.05
medication maintain a coded list of medications cross-group harmonization.
2008 P
including a unique identifier for each
medication.
FN 07.04 Order The system shall provide end-users the Source is WG discussion and AMB 1.43
medication ability to search for medications by generic 2007 P cross-group harmonization.
or brand name.
FN 07.05 Order The system shall provide the ability to The reference information may reside within Source is WG discussion and AMB 1.44
medication access reference information for 2008 P the system or be provided through links to cross-group harmonization.
external sources.
prescribing/ordering.
AM 12.01 Order The system shall provide the ability to This includes physicians and authorized non- DC.1.7.2.2 AMB 4.34
diagnostic tests order diagnostic tests, including labs and 2006 P physicians.
imaging studies.
AM 12.02 Order The system shall provide the ability to Source is public comments and AMB 4.34
diagnostic tests capture the identity of the ordering 2006 P WG discussion.
AM 12.05 Order The system shall provide the ability to Mechanisms for relaying orders may include DC.1.7.2.2 AMB 2.16
providing a view of the order, sending it
diagnostic tests relay orders for a diagnostic test to the 2006 P
electronically, or printing a copy of the order
correct destination for completion. or order requisition.
AM 12.06 Order The system shall have the ability to Additional sorts and filters may be provided DC.1.7.2.2 AMB 2.22
diagnostic tests provide a view of active orders for an 2007 P by the vendors but not required.
individual patient.
AM 12.07 Order The system shall have the ability to May include filters or sorts. DC.1.7.2.2 AMB 4.41
diagnostic tests provide a view of orders by like or
2007 P
comparable type, e.g., all radiology or all
lab orders.
AM 12.08 Order The system shall provide the ability to A report may satisfy this criterion. Multiple Source is public comments and AMB 2.23
diagnostic tests display outstanding orders for multiple patients may be defined as all patients in the WG discussion.
2009 N organization or a subset.
patients (as opposed to outstanding
orders for a single patient).
FN 09.01 Orders and The system shall provide the ability to Source is WG discussion and AMB 4.35
Referral require problem / diagnosis as an order 2008 P cross-group harmonization.
Management component.
FN 09.02 Orders and The system shall provide the ability to Status may be electronically or manually Source is WG discussion and AMB 4.42
Referral view status information for ordered 2009 N updated. cross-group harmonization.
Management services.
FN 10.01 Order Set The system shall provide the ability to The intent is that the Order Set thus defined Source is WG discussion and AMB 2.13
Templates define a set of items to be ordered as a 2007 P will be used across multiple patients on cross-group harmonization.
multiple occasions.
group.
FN 10.02 Order Set The system shall provide the ability to Source is WG discussion and AMB ADM.02
2007 P cross-group harmonization.
Templates modify order sets.
FN 10.03 Order Set The system shall provide the ability to Source is WG discussion and AMB ADM.02
Templates include in an order set order types cross-group harmonization.
AM 14.07 Manage results The system shall provide the ability to DC.1.8.3 AMB 4.50
2007 P
forward a result to other users.
AM 14.08 Manage results The system shall provide the ability to link In the current year this link can be effected DC.1.8.3 AMB 4.43
the results to the original order. manually by changing the status of the order
from pending to complete. Future
requirements could automate this link for
certain electronically received labs although
2008 P the requirement should not require that all
types of orders be electronically linked to the
results since the variety of result formats can
be quite large (PT consult, Diabetes
education...) and even the variety of lab result
formats can be wide.
AM 14.09 Manage results The system shall provide the ability for a DC.1.8.3 AMB 4.47
user to attach a free text comment to a
2007 P
result that can be seen by another user
who might subsequently view that result.
AM 14.10 Manage results The system shall provide the ability to Through direct storage or links to the data. DC.1.8.3 AMB 4.46
associate one or more images with a non- 2009 N
numerical result.
AM 14.11 Manage results The system shall provide the ability for a This is separate from audit trail. DC.1.8.3 Does not appear in test script;
user to whom a result is presented to 2006 P see Certification Handbook
AM 15.01 Manage The system shall provide the ability to DC.1.3.3 AMB 1.32
consents and capture scanned paper consent 2006 P
authorizations documents (covered in DC.1.1.3.1).
AM 15.02 Manage The system shall provide the ability to Example: Consent forms stored in the DC.1.3.3 AMB 1.31
computer which are capable of being signed
consents and store, display and print patient consent 2007 P
by the patient with either an electronic pen or
authorizations forms. a digital signature once widely available.
AM 15.04 Manage The system shall provide the ability to Needed for HIPAA. Scanned copy is DC.1.3.3 AMB 1.32
consents and store and display administrative 2008 P acceptable for current year.
AM 16.02 Manage patient The system shall provide the ability to This may be recorded in non-structured data DC.1.3.2 AMB 4.03
advance indicate the type of advance directives, or as discrete data.
AM 16.03 Manage patient The system shall provide the ability to This may be recorded in non-structured data DC.1.3.2 AMB 4.04
or as discrete data.
advance indicate when advance directives were
2007 P
directives last reviewed.
AM 17.01 Support for The system shall have the ability to This requirement could be met by simply DC.2.2.1.1 Does not appear in test script;
including links or access to a text document. see Certification Handbook
standard care provide access to standard care plan,
Road map would require more
plans, protocol and guideline documents when comprehensive decision support in the future.
guidelines, requested at the time of the clinical 2006 P This includes the use of clinical trial protocols
protocols encounter. These documents may reside to ensure compliance.
within the system or be provided through
links to external sources.
AM 17.02 Support for The system shall provide the ability to This includes the use of clinical trial protocols DC.2.2.1.1 AMB 1.51
standard care create site-specific care plan, protocol, to ensure compliance. It is expected that in
the future discrete data elements from other
plans, and guideline documents. 2006 P areas of the chart will populate matching
guidelines, fields.
protocols
AM 17.03 Support for The system shall provide the ability to DC.2.2.1.1 AMB 4.18
standard care modify site-specific standard care plan,
plans, protocol, and guideline documents 2007 P
guidelines, obtained from outside sources.
protocols
FN 12.10 Support for The system shall provide the ability to Source is WG discussion and AMB 4.27, 4.62
drug interaction check for potential interactions between cross-group harmonization.
AM 19.05 Support for The system shall provide the ability to set DC.2.3.1.1 AMB ADM.13
drug interaction the severity level at which drug interaction
2006 P
warnings should be displayed.
FN 12.04 Support for The system shall provide the ability to Source is WG discussion and AMB 4.67
drug interaction display, on demand, potential drug-allergy cross-group harmonization.
FN 13.01 Support for The system shall provide drug-diagnosis Source is WG discussion and AMB 4.27
drug interaction interaction alerts at the time of medication 2009 N cross-group harmonization.
prescribing/ordering.
FN 12.11 Support for The system shall provide the ability, when Source is WG discussion and AMB 4.66
drug interaction a new allergy is documented, to check for cross-group harmonization.
alert.
FN 12.06 Support for The system shall provide the ability to Source is WG discussion and AMB 4.29, 4.64
cross-group harmonization.
drug interaction capture and maintain at least one reason
for overriding any drug-drug or drug-
2007 P
allergy/intolerance interaction warning
triggered at the time of medication
prescribing/ordering.
FN 12.07 Support for The system shall provide the ability to Source is WG discussion and AMB 4.29, 4.64
drug interaction enter a structured response when cross-group harmonization.
2009 N
overriding a drug-drug or drug-
allergy/intolerance warning.
FN 12.08 Support for The system shall provide the ability to DC.2.3.1.1 AMB 4.20, 4.30, 4.63
drug interaction prescribe/order a medication despite
2008 P
alerts for interactions and/or
allergies/intolerances being present.
FN 12.09 Support for The system shall provide the ability to Source is WG discussion and SEC 6.24, 6.26
drug interaction accept updates to drug interaction 2008 P cross-group harmonization.
databases
FN 15.01 Manage The system shall provide the ability to Source is WG discussion and AMB 4.51
Medication capture medication administration details cross-group harmonization.
AM 21.02 Support for non- The system shall provide the ability to Necessary for medico-legal purposes. DC.2.4.2 AMB 2.18
medication record user ID and date/time stamp for all
ordering referral related events.
2007 P
(referrals, care
management)
AM 22.01 Present alerts The system shall provide the ability to DC.2.5.1 AMB 1.12, 4.06
for disease establish criteria for disease management,
management, wellness, and preventive services based
2008 P
preventive on patient demographic data (minimally
services and age and gender).
wellness
AM 22.02 Present alerts The system shall provide the ability to Guidelines may be from national DC.2.5.1 AMB 1.12
for disease display alerts based on established organizations, payers, or internal protocols.
management, guidelines.
2008 P
preventive
services and
wellness
AM 22.03 Present alerts The system shall provide the ability to Lab results in future years DC.2.5.1 Does not appear in test script;
for disease establish criteria for disease management, see Certification Handbook
AM 22.11 Present alerts The system shall provide the ability to This is done at the patient level. Examples Source is public comments and AMB 2.09
for disease individualize alerts to address a patient's include but are not limited to: Remove WG discussion.
mammography for woman that has had a
management, specific clinical situation. mastectomy, Remove annual pap smear alert
preventive 2007 P for a woman who has had a complete
services and hysterectomy or Inactivate an alert for routine
wellness colon cancer screening in a patient who is
terminally ill.
AM 23.01 Notifications The system shall provide the ability to DC.2.5.2 AMB 1.12
and reminders identify preventive services, tests or
for disease counseling that are due on an individual
management, patient. 2006 P
preventive
services and
wellness
AM 23.02 Notifications The system shall provide the ability to DC.2.5.2 AMB 1.12
and reminders display reminders for disease
for disease management, preventive and wellness
management, services in the patient record. 2008 P
preventive
services and
wellness
AM 23.03 Notifications The system shall provide the ability to DC.2.5.2 AMB 1.12
and reminders identify criteria for disease management,
for disease preventive and wellness services based
management, on patient demographic data (age, 2006 P
preventive gender).
services and
wellness
AM 23.04 Notifications The system shall provide the ability to DC.2.5.2 AMB ADM.09
and reminders identify criteria for disease management,
for disease preventive, and wellness services based
management, on clinical data (problem/diagnosis list, 2007 P
preventive current medications, lab values).
services and
wellness
AM 23.05 Notifications The system shall provide the ability to This refers to any practice defined authorized DC.2.5.2 AMB 4.82
and reminders modify the guidelines, criteria or rules that user.
AM 23.07 Notifications The system shall provide the ability to DC.2.5.2 Does not appear in test script;
and reminders produce a list of patients who are due or see Certification Handbook
AM 24.01 Clinical task The system shall provide the ability to Examples of tasks are messages, DC.3.1.1 AMB 2.19
assignment create and assign tasks by user or user notifications, inbox items, worklist to-do's. This
2006 P task assignment refers to internal users.
and routing role. External tasks would be handled under
ordering section.
AM 24.02 Clinical task The system shall provide the ability to Examples of tasks are messages, DC.3.1.1 AMB 2.26
assignment present a list of tasks by user or user role. notifications, inbox items, worklist to-do's. This
2007 P task assignment refers to internal users.
and routing External tasks would be handled under
ordering section.
AM 24.03 Clinical task The system shall provide the ability to re- DC.3.1.1 AMB 2.27, 2.30
assignment assign and route tasks from one user to 2007 P
and routing another user.
AM 24.04 Clinical task The system shall provide the ability to DC.3.1.1 AMB 2.30
assignment designate a task as completed. 2006 P
and routing
AM 24.05 Clinical task The system shall provide the ability to Removing a task eliminates it from an DC.3.1.1 Does not appear in test script;
individual user's "to do" list, not from audit see Certification Handbook
assignment remove a task without completing the task. 2006 P
logs, etc.
and routing
AM 25.01 Inter-provider The system shall provide the ability to DC.3.2.1 Does not appear in test script;
communication document verbal/telephone 2006 P see Certification Handbook
AM 26.01 Pharmacy The system shall have the ability to DC.3.2.2 AMB 1.45
communication provide electronic communication
between prescribers and pharmacies or 2006 P
other intended recipients of the medication
order.
AM 27.01 Provider The system shall provide the ability to S.1.3.1 SEC 5.04, 5.09
demographics maintain a directory of all clinical
2006 P
personnel who currently use or access the
system.
AM 27.02 Provider The system shall provide the ability to This directory may be the same as that in S.1.3.1 AMB ADM.11
demographics maintain a directory which contains criterion AM 27.01 for this functionality.
AM 28.01 Scheduling The system shall provide the ability to S.1.6 Does not appear in test script;
see Certification Handbook
display a schedule of patient
appointments, populated either through
2006 P
data entry in the system itself or through
an external application interoperating with
the system.
AM 29.01 Report The system shall provide the ability to Needed for pay for performance, quality S.2.2 AMB 4.72, 4.74
improvement activities. All data that is
generation generate reports of clinical and
2007 P entered in a structured format should be
administrative data using either internal or individually reportable.
external reporting tools.
AM 29.02 Report The system shall provide the ability to Report format may be plain text. S.2.2 AMB 1.38, 4.38
generation generate reports consisting of all or part of
2006 P
an individual patient’s medical record (e.g.
patient summary).
AM 29.03 Report The system shall provide the ability to Any disease registry might be included. S.2.2 AMB 4.72
generation generate reports regarding multiple 2007 P
patients (e.g. diabetes roster).
AM 29.04 Report The system shall provide the ability to Minimum demographic data are age and S.2.2 AMB 4.72, 4.76
generation specify report parameters (sort and filter gender.
application.
AM 29.06 Report The system shall provide the ability to S.2.2 AMB 4.80
generation produce reports based on the absence of
a clinical data element (e.g., a lab test has
2009 N
not been performed or a blood pressure
has not been measured in the last year).
AM 29.07 Report The system shall provide the ability to S.2.2 AMB 4.77, 4.78
generation save report parameters for generating 2007 P
subsequent reports.
AM 29.08 Report The system shall provide the ability to It is acceptable if a 3rd-party reporting tool or S.2.2 AMB 4.79
application is used.
generation modify one or more parameters of a saved
report specification when generating a 2008 P
report using that specification.
AM 30.01 Health record The system shall provide the ability to This allows the practice to not print S.2.2.1 AMB 4.83
output define one or more reports as the formal demographics, certain confidential sections,
2007 P or other items. Report format may be plain
health record for disclosure purposes. text initially. In the future there will be a need
for structured reports as interoperability
standards evolve.
AM 30.02 Health record The system shall provide the ability to This could include but is not limited to the S.2.2.1 AMB 1.38, 4.38
output generate hardcopy or electronic output of ability to generate standardized reports
2006 P needed for work, school, or athletic
part or all of the individual patient's participation.
medical record.
AM 30.03 Health record The system shall provide the ability to It is not required that output by date or date S.2.2.1 AMB 4.75
range includes items that are not date
output generate hardcopy and electronic output 2007 P
specific.
by date and/or date range.
AM 30.04 Health record The system shall provide the ability to De-identifying data on hardcopy or electronic S.2.2.1 AMB 4.78
output export structured data which removes output is necessary for research. However, it
must be emphasized that this function is not
those identifiers listed in the HIPAA intended to cleanse the text in the note or
definition of a limited dataset. This export data in the original record.
on hardcopy and electronic output shall As per HIPAA Standards for Privacy of
leave the actual PHI data unmodified in Individually Identifiable Health Information, 45
CFR Parts 160 and 164, identifiers that shall
the original record.
be removed are:
1. Names;
2. Postal address information, other than
town or city, state and zip code;
3. Telephone numbers;
4. Fax numbers;
2008 P 5. Electronic mail addresses;
6. Social security numbers;
7. Medical record numbers;
8. Health plan beneficiary numbers;
9. Account numbers;
10. Certificate/license numbers;
11. Vehicle identifiers and serial numbers,
including license plate numbers;
12. Device identifiers and serial numbers;
13. Web Universal Resource Locators
(URLs);
14. Internet Protocol (IP) address numbers;
15. Biometric identifiers, including finger and
voice prints; and
16. Full face photographic images and any
comparable images.
The report that's produced should be S.2.2.1 AMB 1.38
AM 30.05 Health record The system shall provide the ability to
output create hardcopy and electronic report organized by section to make it easier to
read.
summary information (procedures, 2006 P
medications, labs, immunizations,
allergies, and vital signs).
AM 30.06 Health record The system shall have the ability to This criterion may be satisfied by providing Source is public comments and AMB 4.84
output provide support for disclosure the ability to create a note in the patient's WG discussion.
2007 P record. More advanced functionality may be
management in compliance with HIPAA market differentiators or requirements in later
and applicable law. years.
AM 31.02 Encounter The system shall provide the ability to This does not preclude entry via new S.3.1 Does not appear in test script;
management document encounters by one or more of technologies. see Certification Handbook
AM 31.03 Encounter The system shall provide the ability to S.3.1 Does not appear in test script;
management associate individual encounters with 2006 P see Certification Handbook
diagnoses.
AM 31.04 Encounter The system shall have the ability to S.3.1 AMB 4.69
management provide filtered displays of encounters
based on encounter characteristics, 2007 P
including date of service, encounter
provider and associated diagnosis.
AM 33.01 Eligibility The system shall provide the ability to The EHR need only provide information for S.3.3.2 AMB 4.02
verification and display medical eligibility obtained from the physician as to whether the patient is
covered by that insurance plan. At this time
determination patient's insurance carrier, populated this can be accomplished by a text note
of coverage either through data entry in the system 2007 P following telephone verification. In the future
itself or through an external application this data will need to be structured in
interoperating with the system. compliance with evolving interoperability
standards.
AM 34.02 Manage The system shall provide the ability to This is simply meant as a means to define the S.3.4 AMB ADM.08
Practitioner/Pat
specify the role of each provider provider role. Display of that data is not
addressed.
ient associated with a patient, such as
2009 N
relationships encounter provider, primary care provider,
attending, resident, or consultant using
structured data.
AM 35.01 Clinical The system shall provide the ability to Growth charts, CPT-4 codes, drug S.3.7.1 SEC 6.24
decision update the clinical content or rules utilized interactions would be an example. Any
method of updating would be acceptable.
support system to generate clinical decision support 2006 P Content could be third party or customer
guidelines reminders and alerts. created.
updates
AM 35.02 Clinical The system shall provide the ability to Any method of updating would be acceptable. S.3.7.1 AMB 4.07
decision update clinical decision support guidelines Content could be third party or customer
created.
support system and associated reference material. 2006 P
guidelines
updates
FN 18.02 Clinical The system shall provide the ability to An example would be "patient refused." Source is WG discussion and AMB 4.08
decision capture and maintain, as discrete data, the cross-group harmonization.
AM 36.02 Enforcement of The system shall provide a means to This does not imply that the patient can I.1.9 AMB 2.11
confidentiality document a patient's dispute with document directly in their chart. Some
methods include but are not limited to
information currently in their chart. allowing the patient a view only access to
their record, printing a copy of the record for a
2008 P patient to review. Methods to include the
information in the chart could be as a note, a
scanned copy of patient comments, an
addendum to the note or other method not
described.
AM 36.04 Enforcement of The system shall provide the ability to This may be implemented by having a I.1.9 AMB 2.20, 2.31
confidentiality identify certain information as confidential "confidential" section of the chart. In the
future such confidential designation will be
and only make that accessible by 2008 P required at the data element level, e.g.,
appropriately authorized users. individual problems on the problem list,
medications, allergies, results, etc.
AM 36.05 Enforcement of The system shall provide the ability to An example would be to block a user who has I.1.9 AMB 1.58
confidentiality prevent specified user(s) from accessing a 2009 N a personal relationship with a patient from
accessing that patient's chart.
designated patient's chart.
AM 36.06 Enforcement of When access to a chart is restricted, the Source is public comments and AMB 1.59
confidentiality system shall provide a means for WG discussion.
2009 N
appropriately authorized users to "break
the glass" for emergency situations.
AM 37.01 Data retention, The system shall provide the ability to I.2.1 SEC 6.11
availability and retain data until otherwise purged, deleted,
2006 P
destruction archived or otherwise deliberately
removed.
AM 39.01 Extraction of The system shall provide the ability to For example, export of performance I.2.4 AMB 4.72
measures, ability to query data base, chronic
health record export (extract) pre-defined set(s) of data 2007 P
disease management tools.
information out of the system.
AM 40.01 Concurrent use The system shall provide the ability for Ontario 5.6.1.a AMB 4.91
multiple users to interact concurrently with 2006 P
the EHR application.
AM 40.02 Concurrent use The system shall provide the ability for Ontario 5.6.1.a AMB 4.92
concurrent users to simultaneously view
2006 P
the same record.
AM 40.03 Concurrent use The system shall provide the ability for Ontario 5.6.1.a AMB 4.93
concurrent users to view the same clinical 2006 P
documentation or template.
AM 40.04 Concurrent use The system shall provide protection to To prevent users from simultaneously Ontario 5.6.1.a, I.1.9 AMB 4.94
attempting to update a record with resultant
maintain the integrity of clinical data during 2006 P
loss of data
concurrent access.
IO-AM Laboratory The system shall provide the ability to The test files are designed so that products HL7 v2.5.1, LOINC AMB 3.02, 3.03, 3.04
receive and store general laboratory implementing HL7 v2.5.1 standard will be
07.01
found compliant. The test identifier will be For more information please
results using the HL7 v.2.5.1 ORU encoded in LOINC, and will be drawn from refer to the CCHIT Certified
2007 P
message standard among common test codes from the HEDIS 2011 Interoperability Testing
subset. See LOINC.org for more about Guide.
HEDIS.
IO-AM Medications / The system shall provide the ability to Medication Management AMB 4.65, SEC 6.22
ePrescribing send an electronic prescription to Interoperability Spec (HITSP
09.06
v1.0 2008 IS07);
pharmacy 2007 P NCPDP SCRIPT Standard v8.1
(NEWRX)
IO-AM Medications / The system shall provide the ability to Medication Management SEC 6.22
ePrescribing respond to a request for a refill sent from a Interoperability Specification
09.09
(HITSP v1.0 2008 IS07);
pharmacy 2007 P NCPDP SCRIPT Standard 8.1
(REFREQ and REFRES)
IO-AM Medications / The system shall provide the ability to An essential first step prior to sending a query Medication Management SEC 6.22
ePrescribing send a query to verify prescription drug for medication history or formulary information Interoperability Specification
09.13
directed at prescription drug coverage. (HITSP v1.0 2008 IS07)
insurance eligibility and apply response to 2008 P X12 270/271/ CORE Phase I
formulary and benefit files to determine Rules
coverage
IO-AM Medications / The system shall provide the ability to Usually preceded by a query for insurance Medication Management SEC 6.22
eligibility to verify potential source of data. Interoperability Specification
09.14 ePrescribing capture and display formulary information
(HITSP v1.0 2008 IS07);
from pharmacy or PBM (Pharmacy 2008 P NCPDP Formulary and Benefit
Benefits Manager) by applying eligibility Standard Implementation Guide
response v1.0
IO-AM Medications / The system shall provide the ability to NCPDP SCRIPT Standard v8.1 SEC 6.22
ePrescribing send a query for medication history to (RXHREQ, RXHRES) / NDC
09.15
2008 P codes
PBM or pharmacy to capture and display
medication list from the EHR
IO-AM Clinical The system shall provide the ability to Requires the Document Consumer only to HITSP IS107 v1.0 - EHR- AMB 3.08
Documentation display HITSP C32/CCD documents and have the ability to display the document as Centric Interoperability
10.10
requested. (it may not be able to locally Specification;
file them as intact documents in the EHR. import it in the patient record). CAP119 Communicate
Structured Document
Summary patient record content Specification;
information will include: patient C32 v.2.5 Summary
2009 N Documents Using HL7
demographics, medication list, medication Continuity of Care Document
allergy list. (CCD);
C80 v1.1 - Clinical Document
and Message Terminology;
C83 v1.1 - CDA Content
Modules;
IO-AM Clinical The system shall provide the ability to Structured entries, narrative text and Summary Documents Using AMB 3.09, 3.10, 3.11, 3.12
Documentation generate and format patient summary specified coded terminologies are required for CCD Component (HITSP v2.3
10.20
the following patient summary sections: C32)
documents per the following patient demographics, medication list, Consumer Empowerment
specifications: medication allergy list; Interoperability Specification
(HITSP v3.0 IS03)
HITSP C32 (v2.3 or v2.5) Vocabularies -OR-
Medications: RxNORM/NDC HITSP IS107 v1.0 - EHR-
Allergies: RxNORM, UNII Centric Interoperability
Summary patient record content Specification;
information will include: patient CAP119 Communicate
demographics, medications, medication Structured Document
2009 N Specification;
allergies
C32 v.2.5 Summary
Documents Using HL7
Generated xml documents must Continuity of Care Document
demonstrate use of industry-standard (CCD);
vocabularies/terminologies. C80 v1.1 - Clinical Document
and Message Terminology;
C83 v1.1 - CDA Content
The intent is to test the Required (R) Modules
fields, including the product coded
terminology for the medication and
medication allergy.
PC 01.11 Amendments The system shall provide the ability for a PC 01.11 is addressing finalized notes and ASTM E 2107-99 on AMB 4.49
clinical or other authorized user to view changes made to a final note. Amendments (also addresses a
PC 01.11 does not address a 'note in number of versioning issues for
the full content of a finalized note. The full progress' which is a note that has not been non-finalized notes)
content of a finalized note includes the finalized.
finalized note and any finalized
modifications to that note including 2009 N
finalized changes referred to as
corrections, clarifications, addenda, etc.
Finalizing is the act of publishing into the
system in a way that others may access
information that has changed.
PC 04.08 Data Integrity The system shall provide the ability to Intent: any method of flagging incomplete MRET RTI Report AMB 4.33
Auditability save a note in progress prior to finalizing notes is acceptable example: autosave recommendations and the HL7
2009 N
function, amendment function. RM-ES requirements
the note.
PC 08.01 Manage The system shall have the ability to record Clarification: This criterion does not require Excerpt from CMS Conditions AMB 1.57
Clinical and display the identity and credentials of that the system identify or display which of Participation for Hospitals,
portion or portions of a final note were pertaining to standards and
Documentation all users who entered all or part of a note entered by each user but rather that the requirements for medical
even if they did not finalize the note. system record and display which users were records, paper or electronic
involved in any part of the creation of the (CMS 2004)
note.
"All entries in the medical
record must be timed, dated,
and authenticated, and a
method established to identify
the author."
Federal Rules of Civil
Procedures: Business Records
Exception: General Rules
The trustworthiness of medical
2009 N records is accepted for
admissibility when the following
general criteria are satisfied:
SC 01.03 Access Control The system must be able to associate Canadian: Ontario 5.3.12.e SEC 5.10, 5.14, 5.19, 5.22,
permissions with a user using one or more (System Access Management); 5.25, 5.29
ISO 15408 CC SFR:
of the following access controls: 1) user- FDP_ACC, FMT_MSA;
based (access rights assigned to each ASTM: E1985-98;
user); 2) role-based (users are grouped NIST SP 800-53: AC-3
and access rights assigned to these ACCESS AND INFORMATION
FLOW CONTROL; SC-3
groups); or 3) context-based (role-based 2006 P SECURITY FUNCTION
with additional access rights assigned or ISOLATION
restricted based on the context of the HIPAA: 164.312(a)(1);
transaction such as time-of-day, 164.308(A)(3)(1);
workstation-location, emergency-mode, HITSP/TP20
etc.)
SC 01.04 Access Control The system shall support removal of a HIPAA: 164.308(a)(4)(ii)(C); SEC 5.41, 5.43, 5.44, 5.46,
user’s privileges without deleting the user 164.308(a)(3)(i)(C); 5.48, 5.49
HITSP/TP20
from the system. The purpose of the
2007 P
criteria is to provide the ability to remove a
user’s privileges, but maintain a history of
the user in the system.
SC 02.01 Audit The system shall allow an authorized ISO 15408 CC SFR: FAU_SEL; SEC 5.53
administrator to set the inclusion or HIPAA 164.312(b); 164.308
(a)(1)(ii)(A), (D); Federal
exclusion of auditable events in SC 02.03 Register Response pages
based on organizational policy & operating 8347, 8355;
requirements/limits. 2009 N NIST SP 800-53 AU-2
AUDITABLE EVENTS
(Organization Defined - Based
on Risk Assessement)
HITSP/TP15
SC 02.02 Audit The system shall support logging to a NIST SP 800-92/SP 800-92, SEC 6.21
common audit engine using the schema HITSP T15
HIPAA 164.312(a)(1);
and transports specified in the Audit Log 2009 N 164.312(b); 164.308
specification of IHE Audit Trails and Node (a)(1)(ii)(A) and (D);
Authentication (ATNA) Profile.
SC 02.03 Audit The system shall be able to detect security- ISO 15408 CC SFR: SEC 5.54
FAU_GEN;
relevant events that it mediates and
NIST SP 800-53: AU-2
generate audit records for them. At a AUDITABLE EVENTS;
minimum the events shall include those HIPAA: 164.312(b); 164.312(1);
listed in the Appendix Audited Events. 164.308 (a)(1)(ii)(A) and (D);
Note: The system is only responsible for HITSP/TP15
auditing security events that it mediates. A 2007 P
mediated event is an event that the
system has some active role in allowing or
causing to happen or has opportunity to
detect. The system is not expected to
create audit logs entries for security
events that it does not mediate.
SC 02.04 Audit The system shall record within each audit ISO 15408 CC SFR: SEC 5.55
record the following information when it is FAU_GEN;
NIST SP 800-53: AU-3
available: (1) date and time of the event; CONTENT OF AUDIT
(2) the component of the system (e.g. RECORDS, AU-10 NON-
software component, hardware REPUDIATION;
component) where the event occurred; (3) 2006 P HIPAA: 164.312(b);
HITSP/TP15
type of event (including: data description
and patient identifier when relevant); (4)
subject identity (e.g. user identity); and (5)
the outcome (success or failure) of the
event.
SC 02.05 Audit The system shall provide authorized Assignable to third party. ISO 15408 CC SFR: SEC 5.55, 7.14
administrators with the capability to read FAU_SAR;
NIST SP 800-53: AU-7 AUDIT
all audit information from the audit records REDUCTION AND REPORT
in one of the following two ways: 1) The GENERATION;
system shall provide the audit records in a HIPAA: 164.312(b);
manner suitable for the user to interpret HITSP/TP15
the information. The system shall provide
2007 P
the capability to generate reports based
on ranges of system date and time that
audit records were collected. 2) The
system shall be able to export logs into
text format in such a manner as to allow
correlation based on time (e.g. UTC
synchronization).
SC 02.06 Audit The system shall be able to support time Assignable to third party. ISO 15408 CC SFR: FPT_STM; SEC 6.12, 7.18
synchronization using NTP/SNTP, and NIST SP 800-53: AU-8 TIME
2006 P STAMPS; HITSP/TP16
use this synchronized time in all security HIPAA: 164.312(b)
records of time.
SC 02.07 Audit The system shall have the ability to format ISO 15408 CC SFR: FPT_STM; SEC 5.56
for export recorded time stamps using NIST SP 800-53: AU-8 TIME
STAMPS; HITSP/TP15
UTC based on ISO 8601. Example: "1994- HIPAA: 164.312(b)
2009 N
11-05T13:15:30-05:00" corresponds to
November 5, 1994, 8:15:30 am, US
Eastern Standard Time.
SC 02.08 Audit The system shall prohibit all users read Assignable to third party. ISO 15408 CC SFR: SEC 5.15, 5.22
access to the audit records, except those FAU_SAR, FAU_STG;
NIST SP 800-53: AU-9
users that have been granted explicit read- PROTECTION OF AUDIT
access. The system shall protect the INFORMATION;
2006 P
stored audit records from unauthorized HIPAA: 164.312(a)(1);
deletion. The system shall prevent HITSP/TP15
modifications to the audit records.
SC 03.01 Authentication The system shall authenticate the user Assignable to third party. Canadian: Alberta 1.1; SEC 5.19, 5.24, 5.31, 5.36,
before any access to Protected Resources ISO 15408 CC SFR: FIA_UAU, 5.38, 5.43, 7.09
FIA_UID;
(e.g. PHI) is allowed, including when not NIST SP 800-53: IA-2 USER
2006 P
connected to a network e.g. mobile IDENTIFICATION AND
devices. AUTHENTICATION;
HIPAA: 164.312(d)
SC 03.02 Authentication When passwords are used, the system Assignable to third party. Canadian: Alberta 7.3.12 SEC 5.11, 5.27, 5.32, 7.05
shall support password strength rules that (Security)
Canadian Ontario 5.3.12.b
allow for minimum number of characters, (System Access Management);
and inclusion of alpha-numeric complexity. ISO 15408 CC SFR: FIA_SOS,
FIA_UAU, FIA_UID;
ASTM: E1987-98;
2006 P NIST SP 800-53: IA-2 USER
IDENTIFICATION AND
AUTHENTICATION (no
strength of password);
ISO 17799: 9.3.1.d;
HIPAA: 164.
SC 03.03 Authentication The system upon detection of inactivity of Assignable to third party. Canadian: Alberta 7.3.14 SEC 5.26, 5.30, 5.31, 7.12
an interactive session shall prevent further (Security)
Canadian Ontario 5.6.12.a
viewing and access to the system by that (Workstation Security);
session by terminating the session, or by ISO 15408 CC SFR: FTA_SSL,
initiating a session lock that remains in FMT_SAE;
effect until the user reestablishes access 2007 P NIST SP 800-53: AC-7
UNSUCCESSFUL LOGIN
using appropriate identification and
ATTEMPTS; AC-11 SESSION
authentication procedures. The inactivity LOCK; AC-12 SESSION
timeout shall be configurable. TERMINATION
HIPAA: 164.312(a)(1);
164.312(a)(2)(iii)
SC 03.04 Authentication The system shall enforce a limit of Assignable to third party. Canadian: Ontario 5.3.12.c SEC 5.12, 5.34, 5.35, 5.36,
(System Access Management); 7.06
(configurable) consecutive invalid access
ISO 15408 CC SFR: FIA_AFL,
attempts by a user. The system shall FMT_SAE;
protect against further, possibly malicious, NIST SP 800-53: AC-6
user authentication attempts using an UNSUCCESSFUL LOGIN
appropriate mechanism (e.g. locks the ATTEMPTS, AC-11 SESSION
LOCK ;
account/node until released by an 2007 P
ISO 17799: 9.3.1.e, 9.5.2.e;
administrator, locks the account/node for a HIPAA: 164.312(a)(1);
configurable time period, or delays the 164.308(a)(5)(ii)C;
next login prompt according to a 164.308(a)(6)
configurable delay algorithm).
SC 03.05 Authentication When passwords are used, the system Assignable to third party. ISO 15408 CC SFR: SEC 5.52, 7.15
shall provide an administrative function FMT_MTD;
2006 P ISO 17799: 9.2.3.b, (9.3.1.f);
that resets passwords. HIPAA: 164.312(d);
164.308(5)(ii)(D)
SC 03.06 Authentication When passwords are used, user accounts Assignable to third party. ISO 15408 CC SFR: SEC 5.58, 7.16
that have been reset by an administrator FMT_MTD;
ISO 17799: 9.2.3.b, (9.3.1.f);
shall require the user to change the 2006 P HIPAA: 164.312(d);
password at next successful logon. 164.308(5)(ii)(D)
SC 03.07 Authentication The system shall provide only limited Assignable to third party. ISO 15408 CC SFR: FIA_UAU; SEC 5.18, 5.20, 5.44, 7.08
feedback information to the user during NIST SP 800-53: IA-6
AUTHENTICATOR
the authentication. 2006 P FEEDBACK;
HIPAA: 164.312(d);
164.308(5)(ii)(D)
SC 03.08 Authentication The system shall support case-insensitive Assignable to third party. ISO 15408 CC SFR: SEC 5.24, 7.11
usernames that contain typeable alpha- FMT_MTD;
HIPAA: 164.312(a)(2)(i)
numeric characters in support of ISO- 2006 P
646/ECMA-6 (aka US ASCII).
SC 03.09 Authentication When passwords are used, the system Assignable to third party. ISO 15408 CC SFR: SEC 5.27, 5.32, 7.13
shall allow an authenticated user to FMT_MTD;
2006 P HIPAA: 164.308(a)(5)(ii)(D)
change their password consistent with
password strength rules (SC 03.02).
SC 03.10 Authentication When passwords are used, the system Assignable to third party. Canadian: Ontario 5.3.12 (b); SEC 5.17, 5.19, 5.24, 7.07
NIST SP 800-63;
shall support case-sensitive passwords
HIPAA: 164.308(a)(5)(ii)(D)
that contain typeable alpha-numeric 2006 P
characters in support of ISO-646/ECMA-6
(aka US ASCII).
SC 03.11 Authentication When passwords are used, the system Assignable to third party. Canadian: Ontario 5.3.12.a SEC 6.18, 6.19, 7.23, 7.24
shall use either standards-based (System Access Management);
ISO 15408 CC SFR:
encryption, e.g., 3DES, AES, or standards- FCS_CKM;
based hashing, e.g., SHA1 to store or NIST SP 800-53: SC-12
transport passwords. CRYPTOGRAPHIC KEY
ESTABLISHMENT AND
2011 N MANAGEMENT;
HIPAA: 164.312(e)(1);
164.308(a)(5)(ii)(D)
FIPS PUB 197
FIPS PUB 140-2
SC 03.12 Authentication When passwords are used, the system Assignable to third party. ISO 15408 CC SFR: SEC 6.01, 7.25
shall prevent the reuse of passwords FMT_MTD;
ISO 17799 9.5.4.f;
previously used within a specific HIPAA 164.312(d);
(configurable) timeframe (i.e., within the 164.308(a)(5)(ii)(D);
last X days, etc. - e.g. "last 180 days"), or NIST SP 800-53: IA5
2007 P AUTHENTICATOR
shall prevent the reuse of a certain
MANAGEMENT
(configurable) number of the most recently
used passwords (e.g. "last 5 passwords").
SC 04.01 Documentation The system shall include documentation ISO 15408 CC SFR: SEC 6.07
AGD_ADM;
that describes the patch (hot-fix) handling
HIPAA: 164.308(a)(5)(i)(B)
process the vendor will use for EHR,
operating system and underlying tools
2007 P
(e.g. a specific web site for notification of
new patches, an approved patch list,
special instructions for installation, and
post-installation test).
SC 04.02 Documentation The system shall include documentation ISO 15408 CC SFR: SEC 6.08
that explains system error or performance AGD_ADM;
2006 P HIPAA: 164.312(c)
messages to users and administrators,
with the actions required.
SC 04.03 Documentation The system shall include documentation of ISO 15408 CC SFR: SEC 6.09
product capacities (e.g. number of users, AGD_ADM;
NIST SP 800-53 CM-2;
number of transactions per second, HIPAA: 164.312(c);
number of records, network load, etc.) and 164.306(A)(1)
the baseline representative configurations 2007 P
assumed for these capacities (e.g.
number or type of processors,
server/workstation configuration and
network capacity, etc).
SC 04.04 Documentation The system shall include documented ISO 15408 CC SFR: ADO_IGS; SEC 6.06
procedures for product installation, start- 2006 P HIPAA: 164.312(c)
up and/or connection.
SC 04.05 Documentation The system shall include documentation of NIST SP 800-53 AC-5 SEC 6.05
SEPARATION OF DUTIES; CM-
the minimal privileges necessary for each
7 Least Functionality;
service and protocol necessary to provide 2006 P HIPAA: 164.312(a)(1);
EHR functionality and/or serviceability. 164.312(a)(2)
SC 04.06 Documentation The system shall include documentation Canadian: Alberta 7.3.17 SEC 6.03
available to the customer stating whether (Security);
ISO 15408 CC SFR: FPT_TST
or not there are known issues or conflicts ISO 15408 CC SFR:
with security services in at least the AGD_ADM;
following service areas: antivirus, NIST SP 800-53 SI-3
intrusion detection, malware eradication, MALICIOUS CODE
2007 P PROTECTION;
host-based firewall and the resolution of
HIPAA: 164.308(a)(5)(i)(B)
that conflict (e.g. most systems should
note that full virus scanning should be
done outside of peak usage times and
should exclude the databases.).
SC 04.07 Documentation If the system includes hardware, the ISO 15408 CC SFR: SEC 6.04
system shall include documentation that AGD_ADM;
HIPAA: 164.310(a)(2)
covers the expected physical environment
necessary for proper secure and reliable 2007 P
operation of the system including:
electrical, HVAC, sterilization, and work
area.
SC 04.08 Documentation The system shall include documentation ISO 15408 CC SFR: SEC 6.05
that itemizes the services (e.g. PHP, web AGD_ADM;
NIST SP 800-53 AC-5 CM-6;
services) and network protocols/ports NIST SP 800-70;
(e.g. HL-7, HTTP, FTP) that are HIPAA 164.312(a)(1)
necessary for proper operation and
servicing of the system, including 2007 P
justification of the need for that service
and protocol. This information may be
used by the healthcare facility to properly
configure their network defenses (firewalls
and routers).
SC 04.09 Documentation The system shall include documentation ISO 15408 CC SFR: SEC 6.06
that describes the steps needed to confirm AGD_ADM;
HIPAA: 164.312©
that the system installation was properly 2007 P
completed and that the system is
operational.
SC 04.10 Documentation The system shall include documentation Assignable to third party. ISO 15408 CC SFR: SEC 5.04, 5.09, 6.02, 7.04
available to the customer that provides AGD_ADM;
HIPAA: 164.312(a) to
guidelines for configuration and use of the 164.312(e)
security controls necessary to support
secure and reliable operation of the
2007 P
system, including but not limited to:
creation, modification, and deactivation of
user accounts, management of roles,
reset of passwords, configuration of
password constraints, and audit logs.
SC 05.01 Technical The software used to install and update ISO 15408 CC SFR: SEC 6.11
Services the system, independent of the mode or ADO_DEL;
HIPAA 164.308(a)(5)(ii)(B)
method of conveyance, shall be certified
free of malevolent software (“malware”).
2007 P
Vendor may self-certify compliance with
this standard through procedures that
make use of commercial malware
scanning software.
SC 05.02 Technical The system shall be configurable to Assignable to third party. ISO 15408 CC SFR: FPT_RCV; SEC 6.10, 7.17
Services prevent corruption or loss of data already HIPAA 164.312(c)(1)
SC 06.04 Technical The system shall support protection of Assignable to third party. ISO 15408 CC SFR: FPT_RCV; SEC 6.15, 7.20
Services integrity of all Protected Health Information FIPS 140-2; SP800-53: SC-13
CRYPTOGRAPHIC
(PHI) delivered over the Internet or other OPERATIONS;
known open networks via SHA1 hashing HIPAA: 164.312(e)(1); HITSP
2006 P
and an open protocol such as TLS, SSL, T17
IPSec, XML digital signature, or S/MIME or
their successors.
SC 06.05 Technical The system shall support ensuring the Assignable to third party. ISO 15408 CC SFR: FPT_RCV; SEC 6.16, 7.21
Services authenticity of remote nodes (mutual node HITSP T17;
HIPAA: 164.312(d);
authentication) when communicating 164.312(c)(1)
Protected Health Information (PHI) over
2006 P
the Internet or other known open networks
using an open protocol (e.g. TLS, SSL,
IPSec, XML sig, S/MIME).
SC 06.06 Technical The system, when storing PHI on any FIPS 140-2, ISO 15408 CC SEC 6.20, 7.26
Services device intended to be portable/removable SFR: FCS_COP, OMB M-06-
16, SP800-53: AC-19, HITSP
(e.g. thumb-drives, CD-ROM, PDA, T33;
Notebook), shall support use of a HIPAA: 164.312(e)(2)(ii)
2009 N
standards based encrypted format using FIPS PUB 140-2
triple-DES (3DES), or the Advanced
Encryption Standard (AES), or their
successors.
SC 06.07 Technical The system, prior to access to any PHI, Assignable to third party. CC 2.1 L.4 TOE access SEC 5.13, 5.21
Services shall display a configurable warning or banners (FTA_TAB); CC 3.0
FIA_TIN.1 Advisory warning
login banner (e.g. "The system should only message;
be accessed by authorized users"). NIST SP 800-53 AC-8 System
In the event that a system does not 2009 N
Use Notification
support pre-login capabilities, the system HIPAA 164.308(a)(5)(i);
164.308(a)(5)(ii)
shall display the banner immediately
following authorization.
SC 08.01 Backup/Recov The system shall be able to generate a Assignable to third party. Canadian: Alberta 7.3.16 SEC 5.01, 7.01
(Security);
ery backup copy of the application data,
2006 P ISO 15408 CC SFR:
security credentials, and log/audit files. FDP_ROL, FPT_RCV;
HIPAA: 164.310(d)(1)
SC 08.02 Backup/Recov The system restore functionality shall Assignable to third party. Canadian: Alberta 7.3.18.9 SEC 5.06, 5.08, 7.03
ery result in a fully operational and secure (Security);
ISO 15408 CC SFR:
state. This state shall include the FAU_GEN;
2006 P
restoration of the application data, security NIST SP 800-53: AU-2
credentials, and log/audit files to their AUDITABLE EVENTS;
previous state. HIPAA: 164.310(d)(1)
SC 08.03 Backup/Recov If the system claims to be available 24x7 Assignable to third party. Canadian: Alberta 7.4.2.5 SEC 5.02, 7.02
ery then the system shall have ability to run a (Technica+D1l);
2006 P ISO 15408 CC SFR:
backup concurrently with the operation of FDP_ROL;
the application. HIPAA: 164.310(d)(1)
1. start/stop
2. user login/logout
3. session timeout
4. account lockout
5. patient record
created/viewed/updated/deleted
6. scheduling
7. query
8. order
9. node-authentication failure
10. signature created/validated
11. PHI export (e.g. print)
12. PHI import
13. security administration events
14. backup and restore